Discovered last week, fashion brand says it immediately took steps to contain this incident.
Fashion and fragrance giant Dior has said it was hit by a cyber-attack where customer data was accessed.
Whilst no financial information was impacted, the company said in a statement that the incident was caused by an unauthorised external party.
“We immediately took steps to contain this incident,” it said. “The teams at Dior, supported by leading cybersecurity experts, continue to investigate and respond to the incident. We are notifying all the relevant regulatory authorities.
“No financial information, including bank details, Iban or credit card details, was contained in the database accessed.”
Discovered Recently
According to media reports, the company discovered the breach on May 7th. Robert Cottrill, technology director at ANS, said: “With Dior now joining the growing list of high-profile breaches, it’s evident that cybersecurity must be a priority for retailers, whether they are a household high-street name or a global luxury powerhouse.
“Crucially, Dior’s clientele includes a substantial proportion of high net worth individuals. This elevates the severity of the breach significantly, as cyber-criminals may see such data as a lucrative opportunity to pursue large-scale financial theft or identity fraud.
“The potential rewards for threat actors are far greater, making luxury brand customers especially attractive targets. Dior customers, and indeed clients of any premium retailer, must remain vigilant and sceptical of any unexpected communications.”
Complex Systems
Matt Hull, global head of threat intelligence at NCC Group, said: “Rather than asking ‘who’s next?’, the focus should now shift to ‘how prepared are we to bounce back when something does go wrong?’. Cyber resilience isn’t just about preventing attacks - it’s about how well a business can respond, recover, and keep earning the trust of its customers. That’s something every organisation, not just retailers, needs to take seriously.
“Global brands like Dior operate complex systems across multiple markets, which can make them attractive targets for threat actors. The reported access to customer data in China and Korea underscores how breaches can quickly transcend borders and impact individuals internationally.”
Richard Ford, CTO at Integrity360, said that while it would be easy to draw a link to the M&S, Co-Op and Harrods breaches, all of which have been attributed to the Scattered Spider group, he urged caution before making an attribution leap as there seem to be differences between the attacks.
“Yes, there is a link to retail, but geographically it seems to have affected only East Asian customers (Scattered Spider are known to be English speaking) and the objective seems to be data theft rather than affecting operations,” he commented. “That said, this may be down to the maturity of Dior's security controls alongside their response readiness that is masking this connection.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.